uTalk

Official forum for Utopia Community


#1 2023-06-16 23:18:27

thrive
Member
Registered: 2023-01-04
Posts: 2,575

MOVEit Transfer App's Third Bug Found During Mass Cl0p Ransomware

A third vulnerability affecting Progress Software's MOVEit Transfer application was disclosed on Thursday as the Cl0p cybercrime gang used extortion against the affected businesses.

A SQL injection vulnerability that "could result in escalated privileges and potential unauthorized access to the environment" is also a part of the newly discovered flaw, which has not yet been given a CVE number.

To protect their environments while a fix to the weakness is being developed, the company is advising its clients to turn off all HTTP and HTTPS traffic to MOVEit Transfer on ports 80 and 443. The cloud-managed file transfer program has received all necessary patches.

The information was made public a week after Progress disclosed another set of SQL injection flaws (CVE-2023-35036), which the company claimed could be exploited to gain access to the database content of the application.

The flaws join CVE-2023-34362, a zero-day exploit used in data theft attacks by the Clop ransomware gang. Kroll claimed to have discovered proof that the group, known by Microsoft as Lace Tempest, had been testing the exploit as early as July 2021.

The development also takes place at the same time that the Cl0p actors publish a list of 27 companies on their darknet leak portal that they claim were compromised by the MOVEit Transfer flaw. This also includes numerous U.S. federal agencies, the Department of Energy among them, claims a CNN report.

According to ReliaQuest, "the number of potentially compromised organizations to date is significantly higher than the initial number named as part of Clop's last MFT exploitation: the Fortra GoAnywhere MFT campaign."

Nearly 31% of the over 1,400 exposed hosts running MOVEit, according to Censys, a web-based search platform for evaluating attack surfaces for internet-connected devices, are in the financial services sector, followed by healthcare (16%), information technology (9%), and the government and military (8%) sectors. Nearly 80% of the servers are located in the United States.

According to Kaspersky's analysis of 97 families of malware that were distributed using the malware-as-a-service (MaaS) business model between 2015 and 2022, ransomware has a 58 percent market share, followed by information stealers (24 percent), botnets, loaders, and backdoors (18 percent), and then information thieves.

"Money is the root of all evil, including cybercrime," the Russian cybersecurity firm asserted, adding that MaaS schemes enable less technically skilled attackers to participate in the fight, lowering the bar for carrying out such attacks.


#2 2023-06-17 21:04:07

Crpuss
Member
Registered: 2023-06-16
Posts: 234

Re: MOVEit Transfer App's Third Bug Found During Mass Cl0p Ransomware

The real deal is that everyone needs to be careful about the sites and applications they have on their phones; some of these applications and sites can bring in several risks.
